Kubernetes AcceleratedYour Path to Enterprise Cloud Native

We are excited to announce the release of Tarmak, 0.6! If unfamiliar,
Tarmak is a CLI toolkit to provision and manage
Kubernetes clusters on AWS with security-first principles. This new release
brings a host of great new features and improvements, including pre-built AMI images
for worker nodes, new CLI commands, use of the Kubernetes Addon-manager and more.

Running a young and growing company in the Kubernetes space means travelling at high speed in an ever-changing market. We are heading into our fourth year of business, and around this time of year I like to step back from the noise and figure out some of the larger trends I’m seeing develop.

I am not a technologist by background, so my thoughts tend to be more commercial in nature. If you’re interested, I wrote a similar post last year.

Certificate management in highly dynamic environments is no easy feat, and if approached without careful consideration
could quickly lead to outages and service interuption when certificates begin expiring.
By standardising on a single tool for managing your PKI assets, you can ensure that certificates are being
automatically renewed, and that the appropriate teams are notified if there are any issues or policy violations within
your cluster.

Spinnaker is a cloud-native continuous delivery tool created at Netflix and was originally designed and built to help internal development teams release software changes with confidence. Since then it has been open-sourced and has gained the support of a growing number of mainstream cloud providers including Google, Amazon, Microsoft, IBM and Oracle.
At Jetstack we receive questions almost on a daily basis from our customers about how to deploy to Kubernetes across different environments and in some cases to clusters in multiple cloud providers/on-prem.

Since the start of 2018, the Jetstack team has over doubled in size. As we scale to tackle a variety of different projects, and grow out new functions in the organisation, we have been fortunate enough to welcome some new very talented team members in the start of 2019.

A bit of background… I joined Jetstack in May 2018 as a Solutions Engineer and since then I have helped customers with their Kubernetes journey. At Kubecon in Copenhagen we launched our Jetstack Kubernetes Subscription and together with that we also created our CRE role.
CRE stands for Customer Reliability Engineer, a role conceived by Google with the mission of reducing customer anxiety by sharing operational responsibilities and generally being closer to your customers.

After the recent Kubernetes security vulnerability, it is time for some positive news again.
Three weeks ago we released Tarmak 0.5. Tarmak is a toolkit for Kubernetes cluster provisioning and management. This recent release has seen a lot of improvements and new features. We were pleased to be able to shorten the release cycle for 0.5 to three months, and we will be releasing regularly and maintaining this faster pace of development as we progress towards 1.

If you’ve attended one of our in-person Operational Wargaming workshops, you’ll be familiar with the format. We provision Kubernetes clusters and then break them, in order to simulate production issues and cluster failures.

With Flightdeck, these same exercises are now available on-demand, so operations teams can become familiar with troubleshooting cluster failures and drill themselves on effective response and resolution.

Introduction Our Kubernetes training programme forms a considerable part of our services at Jetstack. In 2017 alone we trained more than 1,000 engineers from over 50 different companies, and so far in 2018 we have already delivered over 60 courses. We are constantly making an effort to ensure that our course content is refined and up-to-date, and that it reflects both the real-world experience of our engineers and also the evolving Kubernetes ecosystem.

Businesses operating at scale face several challenges. Not only must many applications be maintained - running in different environments and built in different languages - but application behavior should be monitored closely, whilst adhering to strict security policies. There is a lot to juggle.

Simon, our Head of Growth, details his experience as part of the growing commercial team at Jetstack.
What are your main duties as Head of Growth at Jetstack? ‘Head of Growth’ is a relatively new title that has been more recently adopted by fast growing tech companies. It can mean different things to different people but the role is usually focused on scaling a business, product or customers. In my case, at Jetstack, I lead the business development side of the organisation which includes our Sales & Go-to-Market, Marketing and PR functions.

Our guess is, you haven’t - and nor have many other people. However, this didn’t stop Christian’s talk from attracting a large following at KubeCon Europe 2018, nor did it deter some curious conference goers from attempting to win a robot of their own!

Those of you who closely follow Jetstack’s open source projects may have already noticed that our
new certificate management tool, cert-manager, has been available for some time now.
In fact, we now have over 1,000 stars on GitHub!

Cert-manager is a general purpose x509 certificate management tool for Kubernetes.
In today’s modern web, securing application traffic is critical.
cert-manager aims to simplify management, issuance and renewal of certificates within your
organisation.

Coming up to four years since its initial launch, Kubernetes is now at version 1.10. Congratulations to the many contributors and the release team on another excellent release!

At Jetstack, we push Kubernetes to its limits, whether engaging with customers on their own K8s projects, training K8s users of all levels, or contributing our open source developments to the K8s community. We follow the project day-to-day, and track its development closely.

Introduction As ever, the Jetstack team are incredibly busy. Recent months have seen back-to-back Kubernetes consulting, training and open source development, as more and more companies adopt Kubernetes in order to meet the demands of their business.
It has to be said that at Jetstack we are scaling to meet the demands of our business: Just 3 months into 2018, and we have already grown by 3 members! We are delighted to welcome to our team Matt (yes, another!

This blog post provides an insight into how we run our Kubernetes workshops as we prepare for even more from Jetstack training in 2018.
Introduction In 2017, Jetstack ran more than 25 Kubernetes in Practice workshops: We trained engineers from over 80 different companies in London and across Europe, and had a great time doing so!
2018 promises to be an even busier year for Jetstack training, with several dates already in the diary for our first and second series of Beginner and Intermediate workshops.

Not long ago, I overheard the Jetstack team chatting about recent changes in the market and the increasingly widespread adoption of Kubernetes. Only when I reflected to write this did I realise that we have been saying the same thing every few months for the past year.
Indeed, the Kubernetes market shows no sign of slowing down. Jetstack alone has tripled in size as we scale to cater to demand, KubeCon has gone from a couple of hundred in a small room to 4000 in a vast conference centre, and recent announcements have seen millions of dollars pour into the space as companies like Cisco and VMWare announce strategic investments.

Navigator is a Kubernetes extension for managing distributed databases.
In this post we’ll tell you about all the improvements we’ve made since we unveiled it last year, including:
experimental support for Apache Cassandra clusters,
improved support for Elasticsearch clusters,
and a Helm chart for easy installation!
We’ll also give you an overview of the Navigator roadmap for 2018.

In this Hidden Gems blog post, Luke looks at the new volume snapshotting functionality in Kubernetes and how cluster administrators can use this feature to take and restore snapshots of their data.
Introduction In Kubernetes 1.8, volume snapshotting has been released as a prototype. It is external to core Kubernetes whilst it is in the prototype phase, but you can find the project under the snapshot subdirectory of the kubernetes-incubator/external-storage repository.

Solutions Engineer Luke provides an insight into what it’s like to work on Kubernetes projects with Jetstack.
What made you want to work for Jetstack? I wanted to work for Jetstack because they offered me the opportunity to work on a variety of different projects, both with private clients and in open source.
On one hand, I provide consultation for customers about Kubernetes best practices, and run workshops with Google to teach those who are relatively new to Kubernetes about the various tools available within the software.

We are proud to introduce Tarmak, an open source toolkit for Kubernetes cluster lifecycle management that focuses on best practice cluster security, management
and operation. It has been built from the ground-up to be cloud provider-agnostic and provides a means for consistent and reliable cluster deployment and management, across clouds and on-premises environments.

In the coming weeks we will be releasing a series of blog posts called Kubernetes 1.8: Hidden Gems, accenting some of the less obvious but wonderful features in the latest Kubernetes release. In this week’s gem, Luke looks at some of the main components in the core metrics and monitoring pipelines and in particular how they can be used to scale Kubernetes workloads.
Introduction One of the features that makes Kubernetes so powerful is its extensibility.

Jetstack are pleased to open source a proof-of-concept sidecar for deployment of managed Couchbase clusters on OpenShift. The project is the product of a close engineering collaboration with Couchbase, Red Hat and Amadeus, and a demo was presented at the recent Red Hat Summit in Boston, MA.

This project provides a sidecar container that can be used alongside official Couchbase images to provide a scalable and flexible Couchbase deployment for OpenShift and Kubernetes. The sidecars manage cluster lifecycle, including registering new nodes into the Couchbase cluster, automatically triggering cluster rebalances, and handling migration of data given a scale-down or node failure event.

Today we are proud to introduce Navigator, a centralised controller for managing the lifecycle of complex distributed applications. It intends to be the central control point for creating, updating, managing and monitoring stateful databases and services with Kubernetes.

Navigator is open source and extensible from day one. We launch today with support for Elasticsearch in alpha, with Couchbase support soon to land in the next few weeks, and more planned.

With over 5000 commits and almost 350 contributors from the community and across industry, Kubernetes is now at version 1.3 and launched last week.

It is nearly two years ago that Kubernetes first launched. The scale of community engagement and innovation in the project has been staggering, with individuals collaborating alongside industry leaders (Google, RedHat et al) to push forward and bring production-grade container cluster management to all. This blog will investigate 1.3 and some of the hidden gems found in it.

In this blog post, we are pleased to introduce Kube-Lego, an open source tool for automated Let’s Encrypt TLS-enabled web services running in Kubernetes.

TLS has become increasingly important for production deployment of web services. This has been driven by revelations of surveillance post-Snowden, as well as the fact that Google now favours secure HTTPS sites in search result rankings.

An important step towards increased adoption of TLS has been the availability of
Let’s Encrypt. It provides an easy, free-of-charge way to obtain certificates. Certificates are limited to a 90-day lifetime and so the free certificate authority (CA) encourages full automation for ease-of-use. At the time of writing, Let’s Encrypt has approaching 3.5 million unexpired certificates so adoption has certainly been strong.

In our previous blog, Getting Started with a Local Deployment, we deployed an Nginx pod to a standalone (single-node) Kubernetes cluster. This pod was bound to a specified node. If the pod were to fail unexpectedly, Kubernetes (specifically, the Kubelet service) would restart the pod. By default, pods have an ‘Always’ restart policy, but only to the node that it is first bound; it will not be rebound to another node. This means of course that if the node fails then pods will not be rescheduled elsewhere.

In Part 1 of this series of blogs, we introduced Kubernetes, an open source container management system from Google, based on operational systems that run over 2 billion containers a week. Kubernetes will very soon be production-ready with the 1.0 release scheduled for this month. In this second part, we will get hands-on, setup a local cluster and deploy a Nginx web server.

Google’s Kubernetes open source project for container management has just recently celebrated its first birthday. In its first year, it has attracted massive community and enterprise interest. The numbers speak for themselves: almost 400 contributors from across industry; over 8000 stars and 12000+ commits on Github. And many will have heard it mentioned in almost every other conversation at recent container meetups and industry conferences – no doubt with various different pronunciations!